Page MenuHomeFreeBSD
Differential D42000

security/clevis: NEW PORT a pluggable framework for automated decryption
Needs ReviewPublic
Actions

Authored by dch on Sep 27 2023, 3:25 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Jan 6, 7:53 AM
Unknown Object (File)
Nov 5 2024, 1:50 PM
Unknown Object (File)
Nov 1 2024, 9:29 PM
Unknown Object (File)
Oct 3 2024, 1:09 PM
Unknown Object (File)
Oct 3 2024, 8:39 AM
Unknown Object (File)
Sep 27 2024, 11:41 AM
Unknown Object (File)
Sep 26 2024, 6:02 AM
Unknown Object (File)
Sep 8 2024, 8:04 PM
View All 23 Files
Subscribers
mat
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Summary

Using security/tang as an example, it is possible for clevis to retrieve
a previously encrypted secret from the stateless tang server, without
the server having any knowledge of the secret.

Plugins, called pins, can be nested and combined in various ways,
from network presence, to Shamir secret sharing, and TPM2 hardware.

WIP - requires changes upstream.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 53745
Build 50636: arc lint + arc unit

Revision Contents
Changeset List

PathSize
security/
1 line
clevis/
26 lines
3 lines
20 lines

Diff 127867

View Options

security/Makefile

Loading...
View Options

security/clevis/Makefile

Loading...
View Options

security/clevis/distinfo

Loading...
View Options

security/clevis/pkg-descr

Loading...